【发布时间】:2022-01-07 03:21:55
【问题描述】:
我正在尝试将 keycloak 客户端连接到 Spring Boot 项目,但我不知道如何解决此问题,尽管我每天都在搜索处理此错误的解决方案。谁能帮帮我?
应用程序属性
keycloak.enabled=true
keycloak.realm=master
keycloak.auth-server-url= http://localhost:8090/auth/
keycloak.resource=admin-cli
keycloak.confidential-port=0
keycloak.public-client=true
keycloak.verify-token-audience=true
keycloak.principal-attribute=preferred_username
keycloak.credentials.secret=ceK01wMKEQ6WoeBAy61PvTLzbt5iAebt
keycloak.credentials.username=root
keycloak.credentials.password=admin
keycloak.ssl-required=external
keycloak.use-resource-role-mappings=true
keycloak.bearer-only =true
密钥斗篷配置
@Value("${keycloak.credentials.secret}}")
private String secretKey;
@Value("${keycloak.resource}")
private String clientId;
@Value("${keycloak.auth-server-url}")
private String authUrl;
@Value("${keycloak.realm}")
private String realm;
@Value("${keycloak.credentials.username}")
private String username;
@Value("${keycloak.credentials.password}")
private String password;
@Bean
public Keycloak initKeycloak(){
return KeycloakBuilder.builder()
.serverUrl(authUrl)
.realm(realm)
.username(username)
.password(password)
.clientId(clientId)
.clientSecret(secretKey)
.build();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.csrf().disable()
.authorizeRequests()
.antMatchers("/admin*")
.hasRole("admin")
.anyRequest()
.permitAll();
}
public SimpleAuthorityMapper grantedAuthority(){
SimpleAuthorityMapper mapper = new SimpleAuthorityMapper();
mapper.setConvertToUpperCase(true);
return mapper;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(grantedAuthority());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Bean
public KeycloakConfigResolver keycloakConfigResolver(){
return new KeycloakSpringBootConfigResolver();
}
@Bean
public FilterRegistrationBean<KeycloakAuthenticationProcessingFilter> keycloakAuthenticationProcessingFilterRegistrationBean(
KeycloakAuthenticationProcessingFilter filter) {
FilterRegistrationBean<KeycloakAuthenticationProcessingFilter> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
@Bean
public FilterRegistrationBean<KeycloakPreAuthActionsFilter> keycloakPreAuthActionsFilterRegistrationBean(
KeycloakPreAuthActionsFilter filter) {
FilterRegistrationBean<KeycloakPreAuthActionsFilter> registrationBean = new FilterRegistrationBean<>(filter);
registrationBean.setEnabled(false);
return registrationBean;
}
本地主机错误
当我访问 localhost:8080 时,显示如下
键入异常报告
Message Can't identify clientAuthenticator from the configuration 客户端 'admin-cli' 。检查您的适配器配置
描述 服务器遇到了一个意外情况 阻止它完成请求。
例外
java.lang.RuntimeException: 无法识别 clientAuthenticator 客户端 'admin-cli' 的配置。检查您的适配器 配置 org.keycloak.adapters.authentication.ClientCredentialsProviderUtils.bootstrapClientAuthenticator(ClientCredentialsProviderUtils.java:54) org.keycloak.adapters.KeycloakDeploymentBuilder.internalBuild(KeycloakDeploymentBuilder.java:99) org.keycloak.adapters.KeycloakDeploymentBuilder.build(KeycloakDeploymentBuilder.java:202) org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:41) org.keycloak.adapters.springsecurity.config.KeycloakSpringConfigResolverWrapper.resolve(KeycloakSpringConfigResolverWrapper.java:40) org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:89) org.keycloak.adapters.PreAuthActionsHandler.preflightCors(PreAuthActionsHandler.java:100) org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:75) org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.invoke(AbstractKeycloakAuthenticatorValve.java:177) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.base/java.lang.Thread.run(Thread.java:833)
注意根本原因的完整堆栈跟踪在服务器中可用 日志。
钥匙斗篷
我的密钥斗篷网址:localhost:8090/auth
【问题讨论】:
标签: java spring spring-boot spring-security keycloak